Proposition for an On Demand Clandestine Communication Network (P2CN) 2015

Cellphones are modern-day Trojan horses, ubiquitous spies lying in wait. Intelligence analysts can locate any cellphone in the world, reconstruct its movements, and correlate its connections to expose a user. This is a lesson the United States Central Intelligence Agency (CIA) has learned the hard way on at least two occasions, once in Italy in 2005 and again in Lebanon in 2011.

In 2003, the CIA kidnapped Hassan Mustafa Osama Nasr (aka Abu Omar), the Imam of a mosque in Milan, as part of the agency’s extraordinary rendition program under the auspices of the Bush administration’s “global war on terrorism.” In 2005, the Italian government issued warrants for the arrest of 22 Americans, believed to be CIA agents, accused of carrying out the kidnapping.

Italian law enforcement used network analysis of cellphone metadata to discover an anomalous closed network of approximately 30 phones. After closer analysis of the network, they were able to trace the movements of the phones parallel to known surveillance of Nasr, and then connect the network to the CIA. Cellular handsets have a unique identifier called an IMEI, while subscriber identity module (SIM) cards (used to authenticate subscribers) have a completely different unique identifier called an IMSI. Hollywood films often show users swapping SIM cards in order to evade detection; however, because the handset's IMEI is seen alongside each SIM's IMSI, swapping SIM cards only serves to link two SIMs to each other. In the Milan case, an operational handset, used to make calls within the clandestine CIA mobile network, was accidentally paired with a “clean” SIM, meant only to be used by one agent to contact the local CIA station. The Italian authorities eventually found this connection, giving them the link they needed to prove CIA involvement in the kidnapping.
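The linkage described above can be reproduced with a few lines of graph analysis. The following is an added example, not part of the original text: it treats every (IMEI, IMSI) sighting as an edge and reports the sightings that join two previously separate clusters. The identifiers, the sample data and the function name `link_identities` are all constructed for illustration.

```python
from collections import defaultdict

# Constructed (IMEI, IMSI) sightings in time order; all identifiers are made-up labels.
SIGHTINGS = [
    ("imei-op1", "imsi-op1"),      # operational handset 1 with its own SIM
    ("imei-op2", "imsi-op2"),      # operational handset 2 with its own SIM
    ("imei-clean", "imsi-clean"),  # separate handset and SIM kept for one contact
    ("imei-other", "imsi-other"),  # unrelated subscriber
    ("imei-op1", "imsi-op2"),      # SIM swap: SIM 2 placed in handset 1
    ("imei-op1", "imsi-clean"),    # the single mistaken pairing
]

def link_identities(sightings):
    """Union-find over sightings. Returns (clusters, merges), where merges lists
    each sighting that joined two clusters that were separate until then."""
    parent = {}

    def find(node):
        parent.setdefault(node, node)
        while parent[node] != node:
            parent[node] = parent[parent[node]]  # path halving
            node = parent[node]
        return node

    merges = []
    for imei, imsi in sightings:
        # Both identifiers already seen elsewhere: this record is a bridge.
        both_known = imei in parent and imsi in parent
        root_a, root_b = find(imei), find(imsi)
        if root_a != root_b:
            if both_known:
                merges.append((imei, imsi))
            parent[root_a] = root_b

    clusters = defaultdict(set)
    for node in list(parent):
        clusters[find(node)].add(node)
    ordered = sorted((sorted(c) for c in clusters.values()),
                     key=lambda c: (-len(c), c))
    return ordered, merges

if __name__ == "__main__":
    clusters, merges = link_identities(SIGHTINGS)
    for cluster in clusters:
        print(len(cluster), cluster)
    print("linking sightings:", merges)
```

Dropping the last sighting leaves the "clean" pair in its own cluster; one record is enough to merge it permanently with the operational set.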

In 2011, the militant Islamist group Hizballah rolled up the CIA’s spy network and most of its human assets in Beirut, Lebanon, by analyzing cellphone metadata to find similarly anomalous networks. They were able to approximate the location of each node using tower dumps, and then task physical surveillance to suss out the agents and informants.

Staying hidden while using cellphones is very hard. It either requires blending in perfectly, raising absolutely zero attention or suspicion, or it requires ensuring that any anomalous behavior is so anomalous that analyzing it is useless.